/**
 * This file is a part of qloudgen-sec. 
 * You can redistribute qloudgen-sec and/or modify it under the terms of the Lesser GNU General Public License version 3. 
 * qloudgen-sec is distributed WITHOUT ANY WARRANTY. 
 *
 * See the Lesser GNU General Public License for more details at http://www.gnu.org/licenses/. 
 **/
package org.qloudgen.sec.cas.client.filter;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import io.buji.pac4j.filter.ClientPermissionsAuthorizationFilter;

import org.apache.shiro.subject.Subject;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * <p>Title: Default Permission Filter Implementation</p>
 * <p>Description: Wrappered default permission implementation based pac4j.</p>
 * <p>Copyright: qloudgen/sec 2014</p>
 * @author <a href="mailto:hyq.dd.sun@gmail.com">glue.3M</a>
 */
public class DefaultPermissionsAuthorizationFilter extends ClientPermissionsAuthorizationFilter {
	/**
	 * Log output.
	 */
	private final static Logger logger = LoggerFactory.getLogger( DefaultPermissionsAuthorizationFilter.class );
	
	/**
	 * Default constructor.
	 */
	public DefaultPermissionsAuthorizationFilter() {
	}
	
	/**
	 * Authorization.
	 *
	 * @param request
	 * @param response
	 * @param mappedValue
	 * @throws IOException
	 */
	@Override
	public boolean isAccessAllowed(final ServletRequest request , final ServletResponse response , Object mappedValue) throws IOException {
		//
		try {
			//
			logger.info( "Starting default permissions filter..." );
			/**
			 * Do get current subject.
			 */
			Subject subject = getSubject( request , response );
			/**
			 * Do default authorization.
			 */
			boolean result = subject.isAuthenticated();
			//
			logger.info( "Started default permissions filter...{}" , result );
			//
			return result;
		}
		catch (Throwable t) {
			throw new IOException( "Current default permissions filter is fail..." , t );
		}
	}
}